﻿Imports System.Data.OleDb

Public Class Register
    Inherits System.Web.UI.Page

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        RegisterUser.ContinueDestinationPageUrl = Request.QueryString("ReturnUrl")
    End Sub

    'What happens just as the user is being created
    Protected Sub RegisterUser_CreatedUser(ByVal sender As Object, ByVal e As EventArgs) Handles RegisterUser.CreatedUser
        FormsAuthentication.SetAuthCookie(RegisterUser.UserName, False)

        Dim continueUrl As String = RegisterUser.ContinueDestinationPageUrl
        If String.IsNullOrEmpty(continueUrl) Then
            continueUrl = "~/"
        End If

        'Create database connection (can view connection string name from web.config)
        Dim oleDbConn As New OleDb.OleDbConnection(ConfigurationManager.ConnectionStrings("diycakeConnectionString").ConnectionString)

        'Create the sql string that will be used to add records to a database Syntax - "Insert into tablename(list of fields sperated by commas) values (list of values (aliases))"
        Dim SqlString As String = "INSERT INTO cakers (userUName,userStar,userDateAdded,userAvgStar) VALUES (@f1,@f2,@f3,@f4)"

        'Protect against sql injection attacks such as mass deletion or destruction of database
        Dim cmd As OleDbCommand = New OleDbCommand(SqlString, oleDbConn)
        cmd.CommandType = CommandType.Text
        'Open the database connection
        oleDbConn.Open()
        'User.Identity.Name cannot be used as it is not yet in the database so use RegisterUser.Name
        cmd.Parameters.AddWithValue("@f1", RegisterUser.UserName)
        cmd.Parameters.AddWithValue("@f2", "1")
        cmd.Parameters.AddWithValue("@f3", DateTime.Now.ToString())
        cmd.Parameters.AddWithValue("@f4", "0")
        cmd.ExecuteNonQuery()
        Response.Redirect("~/editProfile.aspx?userUName=" & RegisterUser.UserName)
    End Sub
End Class